CVE-2024-27017

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-27017

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27017.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-27017

Downstream

BELL-CVE-2024-27017

DEBIAN-CVE-2024-27017

DLA-4008-1

DLA-4075-1

DSA-5782-1

OESA-2024-1738

RHSA-2024:8856

RHSA-2024:8870

RHSA-2024:9315

RHSA-2025:1658

SUSE-SU-2024:4314-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

UBUNTU-CVE-2024-27017

USN-6893-1

USN-6893-2

USN-6893-3

USN-6918-1

USN-6923-1

USN-6923-2

USN-6927-1

USN-6956-1

USN-6957-1

USN-7019-1

Related

Published

2024-05-01T06:15:20Z

Modified

2025-08-09T20:01:28Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftsetpipapo: walk over current view on netlink dump

The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set.

Based on patch from Florian Westphal.

References

Affected packages